openSUSE security update: security update for botan

Announcement ID: openSUSE-SU-2026:20528-1
Rating: critical
References: bsc#1261880
Cross-References: CVE-2026-34582
CVSS scores: CVE-2026-34582 (SUSE): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Affected Products: openSUSE Leap 16.0

An update that solves one vulnerability and has one bug fix can now be installed.

Description:
This update for Botan fixes the following issues:
- CVE-2026-34582: Fixed a client authentication bypass in the TLS 1.3 implementation (bsc#1261880)

Patch instructions:
To install this openSUSE security update, use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:
- openSUSE Leap 16.0: zypper in -t patch openSUSE-Leap-16.0-551=1

Package List:
- openSUSE Leap 16.0: Botan-3.7.1-160000.3.1, Botan-doc-3.7.1-160000.3.1, libbotan-3-7-3.7.1-160000.3.1, libbotan-devel-3.7.1-160000.3.1, python3-botan-3.7.1-160000.3.1

References:
- https://www.suse.com/security/cve/CVE-2026-34582.html

Severity: Critical. LinuxSecurity.com Team
MGASA-2023-0326 - Updated java openjdk packages fix security vulnerabilities

Publication date: 28 Nov 2023
URL: https://advisories.mageia.org/MGASA-2023-0326.html
Type: security
Affected Mageia releases: 8, 9
CVE: CVE-2022-40433, CVE-2023-22081, CVE-2023-22067

The updated packages fix security vulnerabilities:
- Segmentation fault in ciMethodBlocks. (CVE-2022-40433)
- Certificate path validation issue during client authentication. (CVE-2023-22081)
- IOR deserialization issue in CORBA. (CVE-2023-22067)

References:
- https://bugs.mageia.org/show_bug.cgi?id=32413
- https://access.redhat.com/errata/RHSA-2023:5732
- https://access.redhat.com/errata/RHSA-2023:5736
- https://www.oracle.com/security-alerts/cpuoct2023.html#AppendixJAVA
- https://www.cve.org/CVERecord?id=CVE-2022-40433
- https://www.cve.org/CVERecord?id=CVE-2023-22081
- https://www.cve.org/CVERecord?id=CVE-2023-22067

SRPMS:
- 8/core/java-1.8.0-openjdk-1.8.0.392.b08-1.mga8
- 8/core/java-11-openjdk-11.0.21.0.9-1.mga8
- 9/core/java-1.8.0-openjdk-1.8.0.392.b08-1.mga9
- 9/core/java-11-openjdk-11.0.21.0.9-1.mga9
- 9/core/java-latest-openjdk-21.0.1.0.12-1.rolling.1.mga9
Red Hat Security Advisory: java-1.8.0-openjdk security update

Advisory ID: SLSA-2023:5761
Issue Date: 2023-10-18
CVE Numbers: CVE-2023-22067, CVE-2023-22081

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

Security Fix(es):
* OpenJDK: IOR deserialization issue in CORBA (8303384) (CVE-2023-22067)
* OpenJDK: certificate path validation issue during client authentication (8309966) (CVE-2023-22081)

Bug Fix(es):
* A maximum signature file size property, jdk.jar.maxSignatureFileSize, was introduced in the 11.0.20 release of OpenJDK by JDK-8300596, with a default of 8 MB. This default proved to be too small for some JAR files. This release, 11.0.20.1, increases it to 16 MB. (RHEL-13576)
* The /usr/bin/jfr alternative is now owned by the java-1.8.0-openjdk package (RHEL-11319)

This content is derived from https://access.redhat.com/errata/RHSA-2023:5761

SL7
srpm: java-1.8.0-openjdk-1:1.8.0.392.b08-2.el7_9.src
x86_64: java-1.8.0-openjdk-1:1.8.0.392.b08-2.el7_9.x86_64
i386: java-1.8.0-openjdk-1:1.8.0.392.b08-2.el7_9.i686
noarch: java-1.8.0-openjdk-javadoc-1:1.8.0.392.b08-2.el7_9.noarch

- Scientific Linux Development Team
Red Hat Security Advisory: java-11-openjdk security and bug fix update

Advisory ID: SLSA-2023:5736
Issue Date: 2023-10-18
CVE Numbers: CVE-2023-22081

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

Security Fix(es):
* OpenJDK: certificate path validation issue during client authentication (8309966) (CVE-2023-22081)

Bug Fix(es):
* Additional validity checks in the handling of Zip64 files, JDK-8302483, were introduced in the 11.0.20 release of OpenJDK, causing the use of some valid zip files to now fail with an error. This release, 11.0.20.1, allows for zero-length headers and additional padding produced by some Zip64 creation tools. With both releases, the checks can be disabled using -Djdk.util.zip.disableZip64ExtraFieldValidation=true. (RHBZ#2236229)
* A maximum signature file size property, jdk.jar.maxSignatureFileSize, was introduced in the 11.0.20 release of OpenJDK by JDK-8300596, with a default of 8 MB. This default proved to be too small for some JAR files. This release, 11.0.20.1, increases it to 16 MB. (RHEL-13217)
* The serviceability agent would print an exception when encountering null addresses while producing thread dumps. These null values are now handled appropriately. (JDK-8243210)
* The /usr/bin/jfr alternative is now owned by the java-11-openjdk package (RHEL-11320)
* The jcmd tool is now provided by the java-11-openjdk-headless package, rather than java-1.8.0-openjdk-devel, to make it more accessible (RHEL-13227)

This content is derived from https://access.redhat.com/errata/RHSA-2023:5736

SL7
srpm: java-11-openjdk-1:11.0.21.0.9-1.el7_9.src
x86_64: java-11-openjdk-1:11.0.21.0.9-1.el7_9.x86_64
i386: java-11-openjdk-1:11.0.21.0.9-1.el7_9.i686

- Scientific Linux Development Team
MGASA-2022-0450 - Updated erlang packages fix security vulnerability

Publication date: 06 Dec 2022
URL: https://advisories.mageia.org/MGASA-2022-0450.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2022-37026

In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS. (CVE-2022-37026)

References:
- https://bugs.mageia.org/show_bug.cgi?id=31190
- https://lists.suse.com/pipermail/sle-security-updates/2022-November/013107.html
- https://www.cve.org/CVERecord?id=CVE-2022-37026

SRPMS:
- 8/core/erlang-23.2.1-3.2.mga8

Severity: Critical.
openSUSE Security Update: Security update for barrier

Announcement ID: openSUSE-SU-2021:1595-1
Rating: moderate
Cross-References: CVE-2021-42072, CVE-2021-42073
Affected Products: openSUSE Backports SLE-15-SP3

An update that fixes two vulnerabilities is now available.

Description:
This update for barrier fixes the following issues:

Updated to version 2.4.0:

Barrier now supports client identity verification (fixes CVE-2021-42072, CVE-2021-42073). Previously a malicious client could connect to the Barrier server without any authentication and send application-level messages. This made the attack surface of Barrier significantly larger. Additionally, in case the malicious client got possession of a valid screen name by brute forcing or other means, it could modify the clipboard contents of the server. To support seamless upgrades from older versions of Barrier this is currently disabled by default. The feature can be enabled in the settings dialog. If enabled, older clients of Barrier will be rejected.

Barrier now uses SHA256 fingerprints for establishing security of encrypted SSL connections. After upgrading the client to the new version the existing server fingerprint will need to be approved again. Client and server will show both SHA1 and SHA256 server fingerprints to allow interoperability with older versions of Barrier.

Bugfixes:
* Fixed build failure on mips*el and riscv64 architecture.
* Barrier no longer uses the openssl CLI tool for any operations and hooks into the openssl library directly.
* More X11 clipboard MIME types have been mapped to corresponding converters (#344).
* Fixed setup of multiple actions associated with a hotkey.
* Fixed setup of hotkeys with special characters such as comma and semicolon (#778).
* Fixed transfer of non-ASCII characters coming from a Windows server in certain cases (#527).
* Barrier will now regenerate the server certificate if it's invalid instead of failing to launch (#802).
* Added support for additional keys on Sun Microsystems USB keyboards (#784).
* Updated Chinese translation.
* Updated Slovak translation.
* Theme icons are now preferred to icons distributed together with Barrier (#471).

Features:
* Added --drop-target option that improves drag and drop support on Windows when Barrier is being run as a portable app.
* The --enable-crypto command line option has been made the default to reduce chances of accidental security mishaps when configuring Barrier from the command line. A new --disable-crypto command line option has been added to explicitly disable encryption.
* Added support for randomart images for easier comparison of SSL certificate fingerprints. The algorithm is identical to what OpenSSH uses.
* Implemented a configuration option for Server GUI auto-start.
* Made it possible to use the keyboard instead of the mouse to modify the screen layout.
* Added support for keyboard backlight media keys.
* Added support for Eisu_toggle and Muhenkan keys.
* Added --profile-dir option that allows selecting a custom profile directory.

submitted upstream at
* Bug #4749 - Clipboard thread race condition causes assertion
* Bug #4720 - Plugin download shows 'Could not get Linux package
* Bug #4712 - Unable to send clipboard with size above 1KB when
* Bug #4690 - Log line 'activeDesktop' does not use logging
* Enhancement #4901 - Auto restart when running from GUI in
* Bug #4650 - SSL error log message repeats excessively and
* Bug #4601 - Large clipboard data with SSL causes 'protocol is
* Bug #4593 - Locking Windows server causes SSL_ERROR_SSL to
* Bug #4538 - Windows service crashes intermittently with no
* Bug #4566 - Client or server crashes with 'ssl handshake
* Bug #4706 - Installer is not output to build config dir
* Bug #4704 - Plugin 'ns' release build is overwritten with
* Bug #4697 - Timing can allow an SSL socket to be used after
* Enhancement #4661 - Log error but do not crash when failing
* Enhancement #4708 - Download ns plugin for specific Mac
* Enhancement #4587 - Include OpenSSL binaries in source for
* Enhancement #4695 - Automatically upload plugins as

Patch Instructions:
To install this openSUSE Security Update, use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3: zypper in -t patch openSUSE-2021-1595=1

Package List:
- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le x86_64): barrier-2.4.0-bp153.2.3.1

References:
- https://www.suse.com/security/cve/CVE-2021-42072.html
- https://www.suse.com/security/cve/CVE-2021-42073.html
Red Hat Security Advisory

Synopsis: Important: wpa_supplicant security update
Advisory ID: RHSA-2021:0808-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:0808
Issue date: 2021-03-10
CVE Names: CVE-2021-27803

1. Summary:
An update for wpa_supplicant is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:
- Red Hat Enterprise Linux Client (v. 7) - x86_64
- Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
- Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
- Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:
The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and control the roaming and IEEE 802.11 authentication and association of the WLAN driver.

Security Fix(es):
* wpa_supplicant: Use-after-free in P2P provision discovery processing (CVE-2021-27803)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):
1933361 - CVE-2021-27803 wpa_supplicant: Use-after-free in P2P provision discovery processing

6. Package List:

Red Hat Enterprise Linux Client (v. 7):
Source: wpa_supplicant-2.6-12.el7_9.2.src.rpm
x86_64: wpa_supplicant-2.6-12.el7_9.2.x86_64.rpm, wpa_supplicant-debuginfo-2.6-12.el7_9.2.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):
Source: wpa_supplicant-2.6-12.el7_9.2.src.rpm
x86_64: wpa_supplicant-2.6-12.el7_9.2.x86_64.rpm, wpa_supplicant-debuginfo-2.6-12.el7_9.2.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):
Source: wpa_supplicant-2.6-12.el7_9.2.src.rpm
ppc64: wpa_supplicant-2.6-12.el7_9.2.ppc64.rpm, wpa_supplicant-debuginfo-2.6-12.el7_9.2.ppc64.rpm
ppc64le: wpa_supplicant-2.6-12.el7_9.2.ppc64le.rpm, wpa_supplicant-debuginfo-2.6-12.el7_9.2.ppc64le.rpm
s390x: wpa_supplicant-2.6-12.el7_9.2.s390x.rpm, wpa_supplicant-debuginfo-2.6-12.el7_9.2.s390x.rpm
x86_64: wpa_supplicant-2.6-12.el7_9.2.x86_64.rpm, wpa_supplicant-debuginfo-2.6-12.el7_9.2.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):
Source: wpa_supplicant-2.6-12.el7_9.2.src.rpm
x86_64: wpa_supplicant-2.6-12.el7_9.2.x86_64.rpm, wpa_supplicant-debuginfo-2.6-12.el7_9.2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:
- https://access.redhat.com/security/cve/CVE-2021-27803
- https://access.redhat.com/security/updates/classification/#important

8. Contact:
The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
Synopsis: Important: nss security update
Advisory ID: SLSA-2017:2832-1
Issue Date: 2017-09-29
CVE Numbers: CVE-2017-7805

Security Fix(es):
* A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. A malicious client could use this flaw to cause an application compiled against NSS to crash or, potentially, execute arbitrary code with the permission of the user running the application. (CVE-2017-7805)

SL6
x86_64:
nss-3.28.4-4.el6_9.i686.rpm
nss-3.28.4-4.el6_9.x86_64.rpm
nss-debuginfo-3.28.4-4.el6_9.i686.rpm
nss-debuginfo-3.28.4-4.el6_9.x86_64.rpm
nss-sysinit-3.28.4-4.el6_9.x86_64.rpm
nss-tools-3.28.4-4.el6_9.x86_64.rpm
nss-devel-3.28.4-4.el6_9.i686.rpm
nss-devel-3.28.4-4.el6_9.x86_64.rpm
nss-pkcs11-devel-3.28.4-4.el6_9.i686.rpm
nss-pkcs11-devel-3.28.4-4.el6_9.x86_64.rpm
i386:
nss-3.28.4-4.el6_9.i686.rpm
nss-debuginfo-3.28.4-4.el6_9.i686.rpm
nss-sysinit-3.28.4-4.el6_9.i686.rpm
nss-tools-3.28.4-4.el6_9.i686.rpm
nss-devel-3.28.4-4.el6_9.i686.rpm
nss-pkcs11-devel-3.28.4-4.el6_9.i686.rpm

SL7
x86_64:
nss-3.28.4-12.el7_4.i686.rpm
nss-3.28.4-12.el7_4.x86_64.rpm
nss-debuginfo-3.28.4-12.el7_4.i686.rpm
nss-debuginfo-3.28.4-12.el7_4.x86_64.rpm
nss-sysinit-3.28.4-12.el7_4.x86_64.rpm
nss-tools-3.28.4-12.el7_4.x86_64.rpm
nss-devel-3.28.4-12.el7_4.i686.rpm
nss-devel-3.28.4-12.el7_4.x86_64.rpm
nss-pkcs11-devel-3.28.4-12.el7_4.i686.rpm
nss-pkcs11-devel-3.28.4-12.el7_4.x86_64.rpm

- Scientific Linux Development Team

Severity: Critical.